CVE-2024-7065 | Spina CMS up to 2.18.0 /admin/pages/ cross-site request forgery

Posted by Angelo Barbosa | Jul 24, 2024 | CVE

A vulnerability was found in Spina CMS up to 2.18.0. It has been classified as problematic. Affected is an unknown function of the file /admin/pages/. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2024-7065. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7065 | Spina CMS up to 2.18.0 /admin/pages/ cross-site request forgery

Related Posts

CVE-2024-26588 | Linux Kernel up to 6.0/6.1.74/6.6.13/6.7.1 BPF out-of-bounds

CVE-2024-22752 | EaseUS MobiMover 6.0.5 Build 21620 Executable permission

CVE-2024-3798 | Phoniebox up to 2.7 Header Parameter cross-site request forgery (ID 2342)

CVE-2024-3031 | Fluid Notification Bar Plugin up to 3.2.3 on WordPress cross site scripting